Re: [AVT] RFC 3711 - keystream prefix
Hi,
As is noted in the beginning of Sect 4.1 and 4.2 of RFC3711, the key
stream prefix is a quantity used by some message authentication codes
(MACs). The currently defined MAC (HMAC) does *not* use it (which is
taken care of by defining the prefix length to be zero for HMAC,
see Sect 4.2.1).
*If* a MAC used in SRTP requires a key stream prefix, said prefix
is typically XORed onto the MAC tag. The latter operation is not shown
in Figure 3, which is perhaps confusing. However, since the only MAC
currently specified in RFC3711 (HMAC) as noted does not use the prefix
at all, it might have been equally confusing, had we shown it in use...
The reason the prefix is there at all is that
a) An earlier version of SRTP used another MAC (called TMMH) which
*did* use the prefix.
b) We wish to be forwards compatible with possible future use of
such MACs (see Sect 7.3). If/when such a MAC is defined for use in
SRTP, the RFC defining it needs to specify how to use the prefix
(e.g. as noted above, a simple XOR).
Hope this clarifies.
Best,
/Mats
Ofer Goren wrote:
Date: Wed, 11 Aug 2004 10:00:06 +0200
Hi all.
The RFC specifies a keystream prefix that can be used in SRTP sessions,
but does not exactly describe how to use it. Is it transmitted in the
packet, or using another outbound protocol? What do I do with it, and how?
Thanks,
Ofer Goren
_______________________________________________
Audio/Video Transport Working Group
avt at ietf.org
https://www1.ietf.org/mailman/listinfo/avt
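
Added example, not part of the original messages and not code from RFC 3711: a simplified packet model showing how the keystream is split into a prefix and a suffix, with the prefix XORed onto the tag only when the MAC's prefix length is non-zero. Both ends regenerate the prefix from the keystream. Assumptions: `keystream` is a SHAKE-256 stand-in for AES-CM, `toy_hash_32` is a hypothetical placeholder MAC (not TMMH, not secure), and all function names and sample values are constructed.

```python
import hashlib
import hmac

def keystream(key: bytes, index: int, n: int) -> bytes:
    # Stand-in generator keyed by the 48-bit packet index; RFC 3711 uses AES-CM here.
    return hashlib.shake_256(key + index.to_bytes(6, "big")).digest(n)

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def hmac_sha1_80(key: bytes, msg: bytes) -> bytes:
    # HMAC-SHA1 truncated to 80 bits; its keystream prefix length is zero.
    return hmac.new(key, msg, hashlib.sha1).digest()[:10]

def toy_hash_32(key: bytes, msg: bytes) -> bytes:
    # Hypothetical keyed polynomial hash standing in for a prefix-using MAC.
    p = 2**31 - 1
    r, acc = int.from_bytes(key[:4], "big") % p, len(msg)
    for b in msg:
        acc = (acc * r + b + 1) % p
    return acc.to_bytes(4, "big")

def split(enc_key: bytes, index: int, prefix_len: int, body_len: int):
    ks = keystream(enc_key, index, prefix_len + body_len)
    return ks[:prefix_len], ks[prefix_len:]  # (keystream prefix, keystream suffix)

def make_tag(auth_key, index, header, ciphertext, mac, prefix):
    roc = index.to_bytes(6, "big")[:4]       # rollover counter = top 32 bits of index
    tag = mac(auth_key, header + ciphertext + roc)
    # The prefix must be as long as the tag; with prefix length 0 the tag is unchanged.
    return xor(tag, prefix) if prefix else tag

def protect(enc_key, auth_key, index, header, payload, mac, prefix_len):
    prefix, suffix = split(enc_key, index, prefix_len, len(payload))
    ciphertext = xor(payload, suffix)        # encryption starts after the prefix
    return ciphertext, make_tag(auth_key, index, header, ciphertext, mac, prefix)

def unprotect(enc_key, auth_key, index, header, ciphertext, tag, mac, prefix_len):
    prefix, suffix = split(enc_key, index, prefix_len, len(ciphertext))
    expected = make_tag(auth_key, index, header, ciphertext, mac, prefix)
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication failed")
    return xor(ciphertext, suffix)

if __name__ == "__main__":
    enc, auth, idx = b"E" * 16, b"A" * 20, (1 << 16) | 5   # constructed sample values
    hdr, pay = b"\x80\x00" + bytes(10), b"constructed payload"
    for mac, plen in ((hmac_sha1_80, 0), (toy_hash_32, 4)):
        ct, tag = protect(enc, auth, idx, hdr, pay, mac, plen)
        print(mac.__name__, plen, ct.hex(), tag.hex())
```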